backend/internal/middleware/jwt_auth.go

package middleware

import (
	"github.com/gin-gonic/gin"
	"github.com/stonith404/pocket-id/backend/internal/common"
	"github.com/stonith404/pocket-id/backend/internal/service"
	"strings"
)

type JwtAuthMiddleware struct {
	jwtService            *service.JwtService
	ignoreUnauthenticated bool
}

func NewJwtAuthMiddleware(jwtService *service.JwtService, ignoreUnauthenticated bool) *JwtAuthMiddleware {
	return &JwtAuthMiddleware{jwtService: jwtService, ignoreUnauthenticated: ignoreUnauthenticated}
}

func (m *JwtAuthMiddleware) Add(adminOnly bool) gin.HandlerFunc {
	return func(c *gin.Context) {
		// Extract the token from the cookie or the Authorization header
		token, err := c.Cookie("access_token")
		if err != nil {
			authorizationHeaderSplitted := strings.Split(c.GetHeader("Authorization"), " ")
			if len(authorizationHeaderSplitted) == 2 {
				token = authorizationHeaderSplitted[1]
			} else if m.ignoreUnauthenticated {
				c.Next()
				return
			} else {
				c.Error(&common.NotSignedInError{})
				c.Abort()
				return
			}
		}

		claims, err := m.jwtService.VerifyAccessToken(token)
		if err != nil && m.ignoreUnauthenticated {
			c.Next()
			return
		} else if err != nil {
			c.Error(&common.NotSignedInError{})
			c.Abort()
			return
		}

		// Check if the user is an admin
		if adminOnly && !claims.IsAdmin {
			c.Error(&common.MissingPermissionError{})
			c.Abort()
			return
		}

		c.Set("userID", claims.Subject)
		c.Set("userIsAdmin", claims.IsAdmin)
		c.Next()
	}
}
initial commit 2024-08-12 11:00:25 +02:00			`package middleware`

			`import (`
			`"github.com/gin-gonic/gin"`
feat: custom claims (#53) 2024-10-28 18:11:54 +01:00			`"github.com/stonith404/pocket-id/backend/internal/common"`
refactor: use dependency injection in backend 2024-08-17 21:57:14 +02:00			`"github.com/stonith404/pocket-id/backend/internal/service"`
initial commit 2024-08-12 11:00:25 +02:00			`"strings"`
			`)`

refactor: use dependency injection in backend 2024-08-17 21:57:14 +02:00			`type JwtAuthMiddleware struct {`
refactor: use dtos in controllers 2024-08-23 17:04:19 +02:00			`jwtService *service.JwtService`
			`ignoreUnauthenticated bool`
refactor: use dependency injection in backend 2024-08-17 21:57:14 +02:00			`}`

refactor: use dtos in controllers 2024-08-23 17:04:19 +02:00			`func NewJwtAuthMiddleware(jwtService service.JwtService, ignoreUnauthenticated bool) JwtAuthMiddleware {`
			`return &JwtAuthMiddleware{jwtService: jwtService, ignoreUnauthenticated: ignoreUnauthenticated}`
refactor: use dependency injection in backend 2024-08-17 21:57:14 +02:00			`}`
initial commit 2024-08-12 11:00:25 +02:00
refactor: use dependency injection in backend 2024-08-17 21:57:14 +02:00			`func (m *JwtAuthMiddleware) Add(adminOnly bool) gin.HandlerFunc {`
			`return func(c *gin.Context) {`
initial commit 2024-08-12 11:00:25 +02:00			`// Extract the token from the cookie or the Authorization header`
			`token, err := c.Cookie("access_token")`
			`if err != nil {`
			`authorizationHeaderSplitted := strings.Split(c.GetHeader("Authorization"), " ")`
			`if len(authorizationHeaderSplitted) == 2 {`
			`token = authorizationHeaderSplitted[1]`
refactor: use dtos in controllers 2024-08-23 17:04:19 +02:00			`} else if m.ignoreUnauthenticated {`
			`c.Next()`
			`return`
initial commit 2024-08-12 11:00:25 +02:00			`} else {`
feat: custom claims (#53) 2024-10-28 18:11:54 +01:00			`c.Error(&common.NotSignedInError{})`
fix: errors in middleware do not abort the request 2024-11-01 23:41:57 +01:00			`c.Abort()`
initial commit 2024-08-12 11:00:25 +02:00			`return`
			`}`
			`}`

refactor: use dependency injection in backend 2024-08-17 21:57:14 +02:00			`claims, err := m.jwtService.VerifyAccessToken(token)`
refactor: use dtos in controllers 2024-08-23 17:04:19 +02:00			`if err != nil && m.ignoreUnauthenticated {`
			`c.Next()`
			`return`
			`} else if err != nil {`
feat: custom claims (#53) 2024-10-28 18:11:54 +01:00			`c.Error(&common.NotSignedInError{})`
initial commit 2024-08-12 11:00:25 +02:00			`c.Abort()`
			`return`
			`}`

			`// Check if the user is an admin`
			`if adminOnly && !claims.IsAdmin {`
feat: custom claims (#53) 2024-10-28 18:11:54 +01:00			`c.Error(&common.MissingPermissionError{})`
initial commit 2024-08-12 11:00:25 +02:00			`c.Abort()`
			`return`
			`}`

			`c.Set("userID", claims.Subject)`
			`c.Set("userIsAdmin", claims.IsAdmin)`
			`c.Next()`
			`}`
			`}`